Hardening your WinXP Box.

Hey everyone, just thought I'd put up a quick tutorial on how to harden up your WinXP machine. I use no third party utilities, and my OS is Windows XP x64 with Service Pack 2. I am using Windows Firewall from the Security Centre.

First thing's first, lets disable HOSTS/LMHOSTS file poisoning. The HOSTS file is a pre-dated name resolution method, where you would resolve an IP address to a hostname. That is why if you open up your cmd.exe console, and type "ping localhost", it will show "pinging 127.0.0.1". You are pinging your loopback number, but instead of putting in the ip address, you can simply put in localhost. But this presents a security issue. Suppose you run a program, and it does what it is supposed to do, in the foreground. But in the background, it changes your HOSTS and LMHOSTS lookup file to point something like www.gmail.com to their own website, that looks exactly like the gmail site. So when you open up your browser, and go to check your email, you log into a fake site, and the hacker now has your username and password. To prevent this, do the following: